Position Overview
Roles/Responsibilities 6-month contract with potential for extension. Hybrid role (1-2 days onsite per week). Monitor and manage application security vulnerabilities identified via penetration tests, SAST, DAST, and other sources, ensuring timely resolution within defined SLAs. Triaging vulnerabilities to determine if they require action or can be marked as false positives, providing justifications for decisions. Collaborate with penetration testing providers to ensure tests are conducted in a timely manner and results are actionable. Serve as a liaison with the group security team to maintain a single source of truth for vulnerabilities and resolve disputes regarding false positives. Design and implement security enhancements for APIs and web applications developed in Node.js and Maintain and refine software application security policies and procedures to align with best practices. Provide technical guidance to the Solution Delivery team to ensure security best practices are embedded ...